The bank’s official explanation of a technical glitch needs to be examined, by the RBI, which should commission a probe.
On November 5, 2021, the auspicious day of the Hindu New Year, the Economic Times burst a firecracker of a news story on IndusInd Bank. The story cited whistle blowers (a group of anonymous senior employees), who alleged that the bank’s microfinance subsidiary, Bharat Financial Inclusion (BFIL), carried out large-scale evergreening of loans in 80,000 accounts in May 2021.
Evergreening is the improper practice of giving new loans to help delinquent borrowers repay old loans.
Crucially, the ET story also disclosed for the first time that M R Rao, the non-executive vice-chairman, BFIL, and formerly its CEO, had resigned on September 15, 2021.
His resignation letter specifically stated: “…I am aware that RBI [Reserve Bank of India] has raised issues with respect to BFIL particularly the 80,000 loans given in May 2021, without customer consent. This is a point on which I expressed deep concern in the board and in fact demanded a third-party audit too. To me it appears to be not a process lapse but a deliberate act to shore up repayment rates. I had warned the board too about the serious consequences…”
In response, IndusInd Bank issued a statement to the stock exchanges denying evergreening, but admitting to disbursing nearly 84,000 loans without customer consent. However, the bank attributed it to a technical glitch that was detected and rectified. It said only 26,073 clients were active, with outstanding loans of only Rs 340 million.
Unfortunately for IndusInd Bank, the stock market rejected the management’s explanation, and shareholders lost Rs 94 billion (US$ 1.3 billion) in market capitalisation.
Assuming IndusInd Bank’s explanation to be credible, it highlights the high operational risk in the bank, as it implemented a technology upgrade in its end-to-end digital customer loan disbursal system with inadequate testing.
Shockingly, it appears that in the ‘upgrade’, the key customer approval stage was bypassed in disbursing loans. Worse, in the bank’s detailed explanation, there is not a single reference to accountability. Nobody is held responsible for the huge reputational loss to the bank and the US$ 1.3 billion loss to shareholders’ market capitalisation.
Such misconduct in any bank is unacceptable. This analyst had earlier highlighted the IndusInd Bank’s board of directors’ high level of tolerance for incompetence in the bank’s corporate credit and risk management divisions. The culture of lack of accountability for senior executives appears to be widespread in the bank.
With such a loss of credibility, only an RBI inspection and/or a forensic audit authorised by the banking regulator can unearth what exactly happened in IndusInd Bank, as the market has discarded the bank’s explanation.
Discussing the 1QFY2022 results on July 27, 2021 with analysts, Sumant Kathpalia, CEO, IndusInd Bank, deceptively remarked, “Bharat Financial Inclusion has maintained industry leading performance…” Not only did IndusInd Bank not disclose the “technical glitch” which happened on May 21, 2021, but it appears the bank considered disbursing loans to 84,000 customers without their consent as a contributing factor to BFI’s “industry leading performance.”
It was only on November 5, 2021, when Economic Times published a story of BFIL disbursing loans to 80,000 customers without their consent, allegedly for the purpose of evergreening, that shareholders became aware of this issue. The next day IndusInd Bank released a press statement followed by an analyst call, denying that the bank does evergreening. However, the statement did admit that, on account of a technical glitch, the bank had disbursed loans to nearly 84,000 accounts without their consent.
This, they claimed, was discovered by field staff within two days, and the glitch was rectified. By September 30, 2021 only Rs 340 million was outstanding, which was 0.12% of the portfolio.
In an interaction with this analyst, IndusInd Bank clarified that the loan disbursal systems are end-to-end digital in BFIL, without any manual intervention. In April, BFIL implemented a technology upgrade to its system. The biometric verification is sought for customer approval for the loan, and when it fails, a One Time Password (OTP) is sent to the customer’s mobile, which is then inputted in the system for customer approval. However on May 21, 2021, on account of a bug in the system, the OTP stage got bypassed for those customers who could not record their biometrics, and the loans were disbursed.
The bank’s official explanation needs to be examined. This analyst has covered the Indian banking sector for around 25 years, and in that time span, although there have been many cases of evergreening in the industry, no bank has officially admitted to actually doing it. If any bank were to admit to evergreening, its credibility would be destroyed and the CEO would be sacked, as no banking regulator could permit a CEO to continue in the post after admitting to evergreening.
Unfortunately, IndusInd Bank’s credentials lack credibility: for two consecutive years, FY2016 and FY2017, the bank, under the leadership of Romesh Sobti (the mentor of the present CEO), under-reported its non-performing loans.
Furthermore, the allegation of evergreening of BFI loans is being made by the former non-executive vice-chairman of BFIL, who was also its former CEO, as well as by anonymous senior executives of the company. Hence it has to be taken extremely seriously.
Even if one accepts the bank’s official explanation, it raises a significant concern regarding operational risk management and IndusInd Bank’s oversight of BFIL operations.
A technology upgrade is a major event in a bank and in BFIL’s case a complete due diligence should have been done of the entire life cycle of the loan disbursal. The technology upgrade is a 3-stage process of testing, approval and deployment. Prior to any technology upgrade, the process is discussed and, most importantly, signed off by the operations head, business head and by internal audit, which operate independent of each other. The stamp of approval by internal audit is essential, as it verifies that the proposed technology upgrade is compliant with the standard operating procedure of the bank. The technology upgrade also has to pass a vigorous User Acceptance Test (UAT). After a technology upgrade is undertaken, and prior to deployment across the bank, a pilot project is launched to examine how the upgrade is working, and any bugs in the workings are rectified. It is only after a successful pilot that the technology upgrade is again approved by the Change Control Authority which may include senior executives from operations, business and the internal audit head. On the first day of the commercial launch, it is constantly monitored to iron out any glitches which may have been missed during the pilot stage.
That a critical step in the digital process of customer verification, which is an extremely important stage in the loan disbursal system, should suddenly fail after it has been implemented in the entire company, and after many days of operation, appears strange. This failure ultimately resulted in a US$ 1.3 billion loss to shareholders in market capitalisation.
It defies explanation that IndusInd Bank’s press release has avoided any mention of accountability, and that the market is expected to naively accept that the technical bug was a random black swan event, which somehow escaped the internal evaluation of the software vendors and at least two independent teams within the bank during the upgrade process.
Nobody is to be held accountable. In the past, this analyst has repeatedly highlighted the lack of accountability in IndusInd Bank’s corporate credit and risk management divisions, which resulted in large losses. Here again, if it was truly a technical glitch as claimed by the bank, it should follow that there must be accountability; but there is no reference to accountability in IndusInd Bank’s response. It is therefore absolutely necessary that the RBI conduct its own inspection or authorise a third party forensic audit, to determine how BFIL could have disbursed loans to nearly 84,000 customers without customer approval.
Hemindra Hazari is an independent banking analyst. A version of this article first appeared on the author’s personal blog here.